Moyosola Olalekan Outsourcing Services - Our client is a cybersecurity company located in Lagos, Nigeria, that provides solutions to cyber threats and risks for enterprises across Nigeria and Africa. In view of expansion, they require qualified professionals to join their outstanding team to achieve bigger organizational goals in the capacity below:
Job Title: Senior Emergency Incident Responder
Location: Lagos
Employment Type: Full-time
Job Summary
A senior emergency incident responder averts, prevents and mitigates cybersecurity threats, and leads the technical handling of critical incidents from detection through recovery.
Key Duties / Responsibilities
Apply best practice to the technical handling of high-priority, critical and escalated cybersecurity incidents across affected clients: minimize the business impact, restore business operations as quickly as possible, identify the root cause to prevent recurrence, and use digital forensic techniques to obtain evidence of what transpired during an attack
Support cyber incident response actions to ensure proper assessment, containment, mitigation, recovery and documentation. This includes participating in incident management calls and coordinating response, triage and reporting of incidents
Interact with and assist other investigative teams on time-sensitive, critical investigations
Provide guidance, assistance and mentorship to junior colleagues
Contribute to the definition and implementation of strategic team goals and objectives
Prepare after-action reports based on lessons learned from critical cybersecurity incidents
Advise on the development and tuning of SIEM rules and content management for continuous improvement of the SOC's threat detection capabilities
Handle incident response preparation activities (including tabletop exercises, simulations and drills) to create and verify IR plans, playbooks and procedures, identifying opportunities for improvement
Perform threat hunting activities: investigate and analyze large, unstructured data sets and malicious artifacts using EDRs and other cybersecurity solutions to identify trends and anomalies indicative of potential threats
Maintain 24/7 readiness and availability for emergency incident response actions in collaboration with the SOC. Response tasks outside work hours are categorized as overtime
Serve as a backup for potential staff coverage gaps to ensure business continuity.
Requirements
Qualifications:
Degree in Cybersecurity, Computer Science, Engineering or a related discipline
Experience:
Minimum of 3 years of relevant experience in IT security, including working in a SOC
Security Certifications:
Cybersecurity certifications are a plus. Examples include eCIR, ECIH, CEH, Security+, CySA+, eJPT, CISSP, CISM, GCFE, GCFA, etc.
Skills:
Good understanding of and experience in multiple security domains such as risk management, security operations analysis and triage, intrusion detection, incident response, threat hunting, malware analysis, application security, and computer and mobile digital forensics
Good functional knowledge of various security tools, such as SIEM, EDR/XDR, digital forensics and malware analysis tools, AV, vulnerability and network scanners, IDS/IPS, network firewalls, NAC, DAM, etc.
Strong knowledge of malware families and network attack vectors
Strong knowledge of Linux and Windows system internals
Knowledge of Microsoft Active Directory Domain Services
Strong understanding of networking concepts, architectures and security mechanisms
Knowledge of database functionality for various databases, e.g. SQL databases, Oracle, etc.
Good knowledge of cloud computing with AWS, Azure and GCP
Strong understanding of attackers’ tactics, techniques and procedures (TTPs)
Demonstrated experience in an enterprise level incident response team or security operation center
A keen understanding of logging components and capabilities across various systems
Solid experience with, and the ability to analyze, network traffic, endpoint indicators and IOCs/IOAs
Ability to combine/search/correlate various log sources to identify potential threats, assess the potential damage, and recommend countermeasures
Strong analytical and problem-solving skills with excellent attention to detail
Continuous learner with the ability to quickly understand and adapt to new or previously unknown security concepts and tools
Self-driven, highly motivated and determined to provide value on assignments
Leadership skills, self-awareness and emotional intelligence
Ability to work independently and in a team environment
Ability to work with multiple stakeholders, such as engineering/operations teams, internal business units, external incident response teams and law enforcement, throughout the incident lifecycle.